Upgrade to OpenSSL 3, OpenSSL 1.1 EOL approaching

Question

Upgrade to OpenSSL 3, OpenSSL 1.1 EOL approaching

enkore opened this issue 2 years ago · 3 comments

Answer 1 · 2023-07-23T11:43:56.000Z

cmake in the manylinux container is too old to correctly find OpenSSL 3.x (it detects the version as ".0.0", which then fails the requirements check for ">1.x.y").
OpenSSL 3.1.1 does build just fine in manylinux2014 and above, but gives off a number of deprecation warnings. (also needs krb5 update)

Answer 2 · 2023-09-12T06:40:02.000Z

Besides OpenSSL 1.1 itself being EOL now, it is compiled using MSVC 2013 on AppVeyor, which means that those binaries depend on the MSVS 2013 (MSVCR12) runtime, which is also approaching EOL. OpenSSL 3 on AppVeyor links against UCRT and avoids that.